Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/ZRiFSjtXOAKqBfZiD1CfWqb9XYI.roa
File: ZRiFSjtXOAKqBfZiD1CfWqb9XYI.roa (raw, json)
Hash identifier: vZpGVCSS1u2B3W0d1kbCilfeYeklaHXA0Ycxc4pH+Jg=
Subject key identifier: 65:18:85:4A:3B:57:38:02:AA:05:F6:62:0F:50:9F:5A:A6:FD:5D:82
Certificate issuer: /CN=bdfa3af839aa1dce758f489e2d31ae22092fc99a
Certificate serial: 018CCA286CA1564206B2572FDFF7029E2212
Authority key identifier: BD:FA:3A:F8:39:AA:1D:CE:75:8F:48:9E:2D:31:AE:22:09:2F:C9:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfo6-DmqHc51j0ieLTGuIgkvyZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/ZRiFSjtXOAKqBfZiD1CfWqb9XYI.roa
Signing time: Tue 02 Jan 2024 12:31:35 +0000
ROA not before: Tue 02 Jan 2024 12:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28704
IP address blocks: 91.190.208.0/24 maxlen: 24
193.243.136.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/vfo6-DmqHc51j0ieLTGuIgkvyZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/vfo6-DmqHc51j0ieLTGuIgkvyZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfo6-DmqHc51j0ieLTGuIgkvyZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:6c:a1:56:42:06:b2:57:2f:df:f7:02:9e:22:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfa3af839aa1dce758f489e2d31ae22092fc99a
Validity
Not Before: Jan 2 12:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6518854a3b573802aa05f6620f509f5aa6fd5d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4e:e2:5f:83:81:a3:37:9d:8e:ab:7c:5e:db:
6b:75:86:b5:e4:0c:2a:09:d9:66:4c:9b:47:f8:a3:
1c:6a:70:dc:2e:09:b5:b2:6e:22:94:f9:e1:a8:07:
c1:71:91:a9:87:36:6c:8f:20:58:2b:6c:a7:be:3d:
da:eb:17:63:f8:37:de:43:4c:0b:78:3e:4f:42:6b:
0a:a1:06:47:aa:59:0d:d4:28:49:c8:59:73:2b:8b:
cc:5c:59:e5:aa:24:ce:9f:c9:ee:a4:c3:91:a8:ad:
d2:0b:6f:a5:07:72:f4:86:f3:5a:24:bf:bc:ae:ca:
a9:97:65:63:6f:6c:e8:97:5b:cc:87:43:10:fb:1d:
c1:00:cd:00:b9:d4:d9:0b:be:35:0f:52:4a:4c:42:
55:c5:c9:7a:6c:2a:84:78:f1:67:cb:79:67:e2:2f:
34:1a:da:eb:6a:46:12:4b:c1:65:99:0c:48:18:4d:
e6:ec:a1:04:83:ee:31:7f:45:a8:5a:7a:65:84:ad:
68:63:92:7e:cd:12:d9:f6:06:a0:59:5e:9c:0f:a8:
8e:71:5a:0d:c8:96:51:1c:3d:8c:73:96:11:fe:1b:
b5:fd:35:96:68:00:aa:5d:a4:8f:24:e7:cd:b6:6b:
c2:24:fa:70:95:61:3b:e7:18:6d:31:8e:b9:d2:1b:
9a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:18:85:4A:3B:57:38:02:AA:05:F6:62:0F:50:9F:5A:A6:FD:5D:82
X509v3 Authority Key Identifier:
keyid:BD:FA:3A:F8:39:AA:1D:CE:75:8F:48:9E:2D:31:AE:22:09:2F:C9:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfo6-DmqHc51j0ieLTGuIgkvyZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/ZRiFSjtXOAKqBfZiD1CfWqb9XYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/vfo6-DmqHc51j0ieLTGuIgkvyZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.208.0/24
193.243.136.0/23
Signature Algorithm: sha256WithRSAEncryption
67:e0:09:c7:dd:97:59:f8:02:92:47:25:a1:09:fb:d1:5b:d7:
f5:40:06:c7:40:b5:bb:d7:f2:e0:57:5d:e0:a7:e0:bb:58:ae:
9c:2e:34:65:7b:1a:fe:a2:1e:4d:c2:32:79:36:7b:36:11:42:
96:c1:cf:5a:00:f4:f6:7c:3c:76:2a:bb:bd:15:71:5d:40:d3:
64:7b:80:60:4d:f3:8a:ba:e7:3c:f4:eb:19:98:89:11:a8:82:
c9:95:f6:73:56:ed:f7:e2:10:73:93:25:cf:11:4e:87:50:86:
1d:87:32:8d:67:96:cf:79:a0:86:22:bc:d5:72:4b:03:47:0a:
59:77:99:cf:3e:95:24:02:8c:7f:5d:0d:64:45:7c:ed:15:ab:
de:b6:5c:92:b3:e5:54:b9:99:a4:7a:2a:70:13:3f:8d:a9:d3:
92:e7:2f:b7:79:4e:17:e3:aa:90:e3:6f:6e:eb:40:2e:c1:54:
8d:09:a3:c9:2b:3c:24:1f:fb:d7:34:5b:40:64:17:d9:89:6c:
e8:e9:37:9c:47:cf:7d:46:a7:db:11:2c:8c:d2:33:c5:f5:25:
f2:7f:42:52:72:6b:06:af:b1:9b:33:6d:45:99:43:18:96:27:
4f:3d:db:37:79:f8:05:93:34:ab:48:36:c2:3f:22:48:5b:00:
7e:06:98:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKGyhVkIGslcv3/cCniISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmEzYWY4MzlhYTFkY2U3NThmNDg5ZTJkMzFhZTIyMDky
ZmM5OWEwHhcNMjQwMTAyMTIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTE4ODU0YTNiNTczODAyYWEwNWY2NjIwZjUwOWY1YWE2ZmQ1ZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvE7iX4OBozedjqt8XttrdYa15Awq
CdlmTJtH+KMcanDcLgm1sm4ilPnhqAfBcZGphzZsjyBYK2ynvj3a6xdj+DfeQ0wL
eD5PQmsKoQZHqlkN1ChJyFlzK4vMXFnlqiTOn8nupMORqK3SC2+lB3L0hvNaJL+8
rsqpl2Vjb2zol1vMh0MQ+x3BAM0AudTZC741D1JKTEJVxcl6bCqEePFny3ln4i80
GtrrakYSS8FlmQxIGE3m7KEEg+4xf0WoWnplhK1oY5J+zRLZ9gagWV6cD6iOcVoN
yJZRHD2Mc5YR/hu1/TWWaACqXaSPJOfNtmvCJPpwlWE75xhtMY650huaKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGUYhUo7VzgCqgX2Yg9Qn1qm/V2CMB8GA1UdIwQY
MBaAFL36Ovg5qh3OdY9Ini0xriIJL8maMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZvNi1EbXFIYzUxajBpZUxUR3VJZ2t2eVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC84Y2RiYzUtOTM2NS00YTBjLWI5YTMt
YWU3NzQ2ZjA5NjMwLzEvWlJpRlNqdFhPQUtxQmZaaUQxQ2ZXcWI5WFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC84Y2RiYzUtOTM2NS00YTBjLWI5YTMtYWU3NzQ2ZjA5NjMw
LzEvdmZvNi1EbXFIYzUxajBpZUxUR3VJZ2t2eVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW77QAwQB
wfOIMA0GCSqGSIb3DQEBCwUAA4IBAQBn4AnH3ZdZ+AKSRyWhCfvRW9f1QAbHQLW7
1/LgV13gp+C7WK6cLjRlexr+oh5NwjJ5Nns2EUKWwc9aAPT2fDx2Kru9FXFdQNNk
e4BgTfOKuuc89OsZmIkRqILJlfZzVu334hBzkyXPEU6HUIYdhzKNZ5bPeaCGIrzV
cksDRwpZd5nPPpUkAox/XQ1kRXztFavetlySs+VUuZmkeipwEz+NqdOS5y+3eU4X
46qQ429u60AuwVSNCaPJKzwkH/vXNFtAZBfZiWzo6TecR899RqfbESyM0jPF9SXy
f0JScmsGr7GbM21FmUMYlidPPds3efgFkzSrSDbCPyJIWwB+Bpjs
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:07 2024 by rpki-client on console-ams.rpki-client.org